<?php

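session_start();
include_once('top.php');

// Request handling for the employee form rendered below:
//   POST with new=false -> update an existing USER row and replace its certifications
//   POST otherwise      -> create a USER row, then redirect to its page
//   GET ?user=<email>   -> load the row for display
//
// NOTE(review): nothing in this file checks that the logged-in session is allowed to
// create or edit employees. The row to change is chosen by the posted `email` and
// `new` fields, and the form's readonly/hidden inputs are only browser hints.
// Confirm that top.php enforces the role check; otherwise it has to be added here.
// No anti-CSRF token is verified on the POST either.
//
// NOTE(review): the password is written to the Password column exactly as submitted
// (SQL-escaped only). Storing a password_hash() value and checking it with
// password_verify() is the fix, but it must be made together with the login code,
// which is not part of this file.

// The template reads $message on every request; give it a value unless top.php
// already set one.
if (!isset($message)) {
	$message = '';
}

if (!empty($_POST)) {
	// Read each expected field as a string. A missing key or an array value
	// (e.g. first[]=x) is treated as blank instead of raising notices/warnings.
	$posted = array('first' => '', 'last' => '', 'email' => '', 'password' => '', 'confirm' => '');
	foreach ($posted as $fieldName => $unusedDefault) {
		if (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) {
			$posted[$fieldName] = $_POST[$fieldName];
		}
	}

	$first = mysql_real_escape_string($posted['first']);
	$last = mysql_real_escape_string($posted['last']);
	$nemail = mysql_real_escape_string($posted['email']);
	$npassword = mysql_real_escape_string($posted['password']);
	$confirm = mysql_real_escape_string($posted['confirm']);

	$isExisting = isset($_POST['new']) && $_POST['new'] === 'false';

	// Strict comparison: with != two different numeric-looking strings
	// (e.g. "1e3" and "1000") compare equal and would pass the confirmation check.
	if ($npassword !== $confirm) {
		$message = 'Passwords do not match';
	} else if ($isExisting) {
		// Password is only part of the UPDATE when one was submitted; a blank field
		// leaves the stored password untouched.
		$passwordSet = ($npassword !== '') ? " , Password='$npassword'" : '';

		run("UPDATE USER SET First_name='$first' , Last_name='$last'$passwordSet WHERE Email='$nemail'");
		// Certifications are replaced wholesale: delete the old rows, insert the posted ones.
		run("DELETE FROM `CERTIFICATION` WHERE `User`='$nemail'");
		addCerts($nemail);
		$message = 'Employee info saved';
		$user = fetch_only("SELECT First_name, Last_name, Email FROM USER WHERE Email = '$nemail' LIMIT 1");
		$certifications = fetch_all("SELECT Title FROM CERTIFICATION WHERE User = '$nemail'");
	} else {
		if (empty($first) || empty($last) || empty($nemail) || empty($npassword)) {
			$message = 'All fields (except certifications) are required';
		} else {
			run("INSERT INTO USER (First_name , Last_name , Email , Password, Type) VALUES ('$first', '$last', '$nemail', '$npassword', 'R');");
			addCerts($nemail);

			// Redirect with the raw address, URL-encoded (the SQL-escaped copy carries
			// backslashes that do not belong in a URL), and stop so the form below is
			// not rendered into the redirect response. If output has already started
			// the header cannot be sent, so the page falls through and renders.
			if (!headers_sent()) {
				header('Location: employee_info.php?user=' . urlencode($posted['email']));
				exit;
			}
		}
	}
} else if (isset($_GET['user']) && is_string($_GET['user'])) {
	$nemail = mysql_real_escape_string($_GET['user']);
	$user = fetch_only("SELECT First_name, Last_name, Email FROM USER WHERE Email = '$nemail' LIMIT 1");
	$certifications = fetch_all("SELECT Title FROM CERTIFICATION WHERE User = '$nemail'");
}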

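/**
 * Insert one CERTIFICATION row per non-empty certification title posted in cert[].
 *
 * The last posted entry is skipped: the form always ends with the
 * "New Certification" placeholder input. Titles are SQL-escaped here. When no
 * usable title was posted, no query is run.
 *
 * @param string $user Email of the owning user. It is interpolated into the SQL
 *                     as-is, so the caller must pass an already SQL-escaped value
 *                     (both call sites in this file do).
 */
function addCerts($user) {
	// Nothing posted, or a scalar where the form's cert[] array is expected.
	if (!isset($_POST['cert']) || !is_array($_POST['cert'])) {
		return;
	}

	// Re-index so client-chosen keys (cert[7]=...) cannot leave gaps, then drop
	// the trailing placeholder entry.
	$titles = array_values($_POST['cert']);
	array_pop($titles);

	$rows = array();
	foreach ($titles as $title) {
		// Nested arrays (cert[][x]=...) and blank inputs are ignored.
		if (is_string($title) && !empty($title)) {
			$rows[] = "('$user', '" . mysql_real_escape_string($title) . "')";
		}
	}

	// An INSERT with an empty VALUES list is a syntax error; skip it.
	if (count($rows) === 0) {
		return;
	}

	run("INSERT INTO `CERTIFICATION` (`User`, `Title`) VALUES " . implode(',', $rows));
}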

?>

<html>
<head>
	<title>GT Project Manager - View Employee</title>
	<link rel="stylesheet" type="text/css" href="main.css" />
	<link rel="stylesheet" type="text/css" href="inner.css" />
	<style type="text/css">
		#new {
			color: grey;
		}
	</style>
	<!-- NOTE(review): jQuery 1.6.2 is an old release, loaded from a third-party CDN with no integrity attribute. Move to a currently maintained jQuery and pin it with integrity="sha384-(hash of the chosen file)" crossorigin="anonymous", or serve a vetted copy from this site. -->
	<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
	<script type="text/javascript">
		// Page-level counter; nothing in this script reads or updates it.
		var i = 0;

		/**
		 * Focus handler for the certification inputs. When the placeholder input
		 * (id="new") receives focus, its text is cleared, it gives up the "new" id,
		 * and a fresh placeholder row is appended and wired to this same handler.
		 */
		function cert(e) {
			if (e.target.id != 'new') {
				return;
			}

			// Empty the placeholder and release its id in one chained call.
			$('#new').val('').attr('id', '');

			// The appended markup is a fixed string with no user data in it.
			$('#container').append('<tr><td><input type="text" name="cert[]" value="New Certification" id="new" /></td></tr>');
			$('#new').focus(cert);
		}
		
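		/**
		 * Keyup handler for the email input: asks is_email_available.php whether the
		 * typed address is free and updates the status icon and its tooltip.
		 *
		 * This is a convenience hint only. The server-side create path must still
		 * reject duplicate addresses, because this check can be skipped or raced.
		 * NOTE(review): the endpoint tells any caller whether an address is
		 * registered; confirm it requires a logged-in session.
		 */
		function email() {
			var address = $('#email').val();

			if (address.length > 0) {
				// Send the address as request data so jQuery URL-encodes it. Appended raw
				// to the query string, characters such as '+', '&' and '#' change the
				// value the server receives.
				$.get('is_email_available.php', { email: address }, function(data) {
					if (data == '1') {
						$('#status').attr('src', 'check.png');
						$('#status').attr('title', 'This email address is available');
					} else {
						$('#status').attr('src', 'x.png');
						$('#status').attr('title', 'This email address is already used');
					}
				});
			}
		}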
		
		// Once the DOM is ready, attach the handlers: every input gets the
		// certification focus handler, the email box gets the availability check.
		$(function() {
			var allInputs = $('input');
			var emailBox = $('#email');

			allInputs.focus(cert);
			emailBox.keyup(email);
		});
	</script>
</head>
<body>
	<form action="#" method="post">
	<table cellspacing="0" cellpadding="0" id="main">
		<tr><td id="title">
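			<?php
			// Page heading plus the hidden "new" flag the POST handler branches on.
			// The names come from the USER table, i.e. from whatever was typed into this
			// form, so they are HTML-escaped before being written into the page.
			// Charset is left at PHP's default because the page declares none — confirm.
			if (isset($user)) {
				echo htmlspecialchars("{$user['First_name']} {$user['Last_name']}", ENT_QUOTES);
				echo '<input type="hidden" name="new" value="false" />';
			} else {
				echo 'New User';
				echo '<input type="hidden" name="new" value="true" />';
			}
			?>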
			<div class="nav">
				<a href="login.php?action=logout">Log Out</a><br />
				<?php /* NOTE(review): $link is not assigned in this file (presumably top.php builds it — confirm). It is echoed as raw HTML, so it must not carry unescaped user data. */ echo $link ?>
			</div>
		</td></tr>
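		<?php
		// $message is only assigned on some POST paths, so it is tested with !empty()
		// rather than read directly. Every value this file assigns is a fixed string;
		// it is escaped anyway so a later message that includes user data stays inert.
		if (!empty($message)) {
		?>
		<tr><td class="message" colspan="2"><?php echo htmlspecialchars($message, ENT_QUOTES) ?></td></tr>
		<?php
		}
		?>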
		<tr>
			<td>
				<table class="details" cellspacing="0" cellpadding="0">
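					<tr>
						<th>First Name</th>
						<?php /* Stored names are HTML-escaped, quotes included, because they land inside a value="..." attribute. The field is blank when no user is loaded. */ ?>
						<td><input type="text" name="first" value="<?php echo isset($user) ? htmlspecialchars($user['First_name'], ENT_QUOTES) : '' ?>" /></td>
					</tr>
					<tr>
						<th>Last Name</th>
						<td><input type="text" name="last" value="<?php echo isset($user) ? htmlspecialchars($user['Last_name'], ENT_QUOTES) : '' ?>" /></td>
					</tr>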
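					<tr>
						<th>Email</th>
						<?php
						// Existing user: show the stored address, HTML-escaped for the attribute.
						// readonly is only a browser hint; the POST handler receives whatever
						// address the client sends. New user: an empty input with the
						// availability icon. Full <?php tags are used throughout so the page
						// does not depend on the short_open_tag setting.
						if (isset($user)) {
						?>
						<td><input type="text" name="email" value="<?php echo htmlspecialchars($user['Email'], ENT_QUOTES) ?>" readonly="readonly" /></td>
						<?php
						} else {
						?>
						<td><input type="text" name="email" id="email" /><img src="blank.gif" id="status" title="" /></td>
						<?php
						}
						?>
					</tr>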
					<tr>
						<th>Password</th>
						<td><input type="password" name="password" /></td>
					</tr>
					<tr>
						<th>Confirm Password</th>
						<td><input type="password" name="confirm" /></td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>
				<table class="subsection" cellspacing="0" cellpadding="0">
					<tbody id="container">
						<tr><td class="title">
							Certifications
							<hr size="1" />
						</td></tr>
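						<?php
						// One editable row per stored certification. Titles are user-entered, so
						// each is HTML-escaped (quotes included) before going into the value
						// attribute. Full <?php tags avoid relying on short_open_tag.
						if (isset($certifications)) {
							foreach ($certifications as $certification) {
						?>
						<tr><td><input type="text" name="cert[]" value="<?php echo htmlspecialchars($certification['Title'], ENT_QUOTES) ?>" /></td></tr>
						<?php
							}
						}
						?>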
						<tr><td><input type="text" name="cert[]" value="New Certification" id="new" /></td></tr>
					</tbody>
				</table>
			</td>
		</tr>
		<tr>
			<td class="button_bar">
				<input type="submit" value="Save" />
			</td>
		</tr>
	</table>
	</form>
</body>
</html>
